In the German speaking computer science world, Dagstuhl is a magic word — the seminars there are as renowned as the library and the obligatory picture on the stairs of Schloss Dagstuhl.

In January 2016, George Danezis (University College London, GB), Stefan Katzenbeisser (TU Darmstadt, DE), Christiane Peters (IBM Belgium, BE) and Bart Preneel (KU Leuven, BE) invited international researchers to a Dagstuhl seminar on “Privacy and Security in Smart Energy Grids”. Dominik Engel was thrilled to get asked to participate, discuss ideas and research trends and finally get into a pictures on the famous stairs.

Cornelia Ferner has joined the JRC research team in September 2015. Cornelia will contribute her expertise in data analytics for the project PROMISE. We are happy to welcome Cornelia to the team!

This week, Dr. Andreas Unterweger has joined our team. Andreas will be working in the area of compressing and securing smart grid data — a field in which Andreas has already collaborated with the JRC during his PhD.

Fabian Knirsch presented our joint work on smart grid privacy with University of Southern California at ICISSP, the first international conference in information systems security and privacy. We are very proud that our paper was awarded a Best Paper Award at ICISSP. While Fabian is on his way to present a paper at ISGT in Washington we’ll celebrate here in Austria.

In the ICISSP paper, privacy issues are discussed that immediately affect the user. For novel energy systems (referred to as the smart grid) a set of tools is presented that allow assessing the privacy impact of particular use cases within the smart grid. A use case is – for instance – the use of smart meter, the utilization of electric vehicles or the active participation in demand response.

In order to capture and combine both, the complexity of the smart grid and the complexity of the individual use cases, an ontology driven approach is presented. Ontologies formally define all entities and relationships in a specific domain. Based on such an ontology, the tool is able to draw conclusions, due to logic derivations and previously integrated external knowledge.

Finally, the degree to which customer privacy is affected is assessed qualitatively (where and how) and quantitatively (to what extent). This assessment allows users to make informed decisions for the usage of and the participation in smart grid applications.

• F. Knirsch, D. Engel, C. Neureiter, M. Frincu, and V. Prasanna, “Model-driven Privacy Assessment in the Smart Grid,” in Proceedings of the 1st International Conference on Information Systems Security and Privacy (ICISSP), 2015, p. 173–181.
  [Bibtex]

  @InProceedings{Knirsch15b,
  author = {Fabian Knirsch and Dominik Engel and Christian Neureiter and Marc Frincu and Viktor Prasanna},
  title = {Model-driven Privacy Assessment in the Smart Grid},
  booktitle = {{Proceedings of the 1st International Conference on Information Systems Security and Privacy (ICISSP)}},
  year = {2015},
  pages = {173--181},
  month = {Feb},
  note = {Best Paper Award.},
  pdf = {http://www.en-trust.at/papers/Knirsch15b.pdf},
  }

Two of our master students, Christian Peer and Wolfgang Lausenhammer, received awards from the Austrian Labour Chamber for their master’s theses for their work on smart meter privacy and demand response simulation, respectively.

This year, seven students wrote their theses at the Josef Ressel Center. Yesterday, they celebrated their graduation. Congratulations!

The students and their topics from left to right:

• Felix Moser, Modellbasierte Entwicklung eines Demand Side Management Systems unter Verwendung des Smart Grid Architecture Models (SGAM)
  • Supervisor: Christian Neureiter
• Gerfried Schweiger, Smart Grid Sicherheit in IEEE1901.2 Netzwerken unter Berücksichtigung nationaler Datenschutzrichtlinien
  • Supervisor: Dominik Engel
• Fabian Knirsch, Generic Data Models and Semantic Retrieval in Smart Grid IT Infrastructures
  • University of Southern California, USA (Marshall Plan Grant)
  • Supervisors: Marc Frinu, Dominik Engel
• Mike Pichler, Software Architektur für CEM-Systeme
  • Supervisor: Armin Veichtlbauer
• David Brucker, Experimentelle Bestimmung der Abhängigkeiten der Performance von NILM-Attacken auf TV-Geräte
  • Supervisor: Günther Eibl
• Wolfgang Lausenhammer, User-Centric Simulation of Demand Response Optimization
  • Bowling Green State University, USA (Marshall Plan Grant)
  • Supervisors: Robert C. Green, Dominik Engel
• Christian Peer, Secure Signal Processing for Smart Grid Privacy
  • Cornell University, USA (Marshall Plan Grant)
  • Supervisors: Stephen Wicker, Dominik Engel

Christian D. Peer presented our joint work with Steve Wicker from Cornell University, USA at IEEE SmartGridComm 2014 in Venice, Italy.

• C. Peer, D. Engel, and S. Wicker, “Hierarchical Key Management for Multi-resolution Load Data Representation,” in Proceedings of 5th IEEE International Conference on Smart Grid Communications (SmartGridComm 2014), Venice, Italy, 2014, p. 926–932.
  [Bibtex]

  @InProceedings{Peer14a,
  author = {Christian Peer and Dominik Engel and Stephen Wicker},
  title = {Hierarchical Key Management for Multi-resolution Load Data Representation},
  booktitle = {Proceedings of 5th IEEE International Conference on Smart Grid Communications (SmartGridComm 2014)},
  year = {2014},
  pages = {926--932},
  address = {Venice, Italy},
  month = nov,
  publisher = {IEEE},
  pdf = {http://www.en-trust.at/papers/Peer14a.pdf},
  }

We are happy to welcome Fabian Knirsch and Michael Fischinger to our team. Both are graduates from Salzburg University of Applied Sciences and will support us in the areas of multi-resolution data representation for privacy-preserving Smart Metering and communication and content security for using the XMPP protocol in Smart Grids, respectively.

On October 14th SPARKS sponsored a panel presentation at the IEEE PES Innovative Smart Grid Technologies Conference in Istanbul. The panel was dedicated to smart grid cybersecurity, its challenges, and the next steps to be taken on the path to a reliable intelligent power grid. After the panel chair, Dr Lucie Langer from AIT Austrian Institute of Technology, had provided an introduction to the subject and outlined the key contributions of the SPARKS project in this regard, the four panellists gave short presentations on their position.

Dr Robert W Griffin from RSA, the security division of EMC, presented the benefits of big data analytics and shared cyber intelligence for smart grids and critical infrastructures. Intelligence-driven security can help to visualise incidents, to ensure prompt and adequate response, and to predict future behaviour, thus enhancing the resilience of the overall system. He pointed to the final report on Smart Grid to the US Department of Energy recently issued by IEEE PES, which stresses the need for a holistic, integrated approach to achieve optimal cost-effective solutions which help to establish an intelligent, self-healing grid.

Mr Ralph Eckmaier, an independent consultant, advisor and auditor for information security, subsequently spoke about the status-quo of smart grid security standardisation. He argued that most smart grid areas are already covered by existing (communication) standards, and pointed to the Smart Grids Standards Map developed by IEC, which can prove useful when trying to figure out the relationships between smart grid components and effective (security) standards. However, as standards provide recommendations only, appropriate baselines and minimum requirements must be defined and should be part of an according regulatory framework.

Next, Prof Dr Dominik Engel, Professor at Salzburg University of Applied Sciences and Director of the Josef Ressel Center for User-Centric Smart Grid Privacy, Security and Control, gave a presentation on privacy challenges in smart grids. He explained the ways in which high-frequency metering data can be used to draw conclusions on customer behaviour or lifestyle, and stressed that data resolution is crucial for the amount of information which can be extracted from given data. Privacy-enhancing technologies could solve the problem, but are not yet ready for real-world use due to computational complexity or economic feasibility, for example.

Finally, Mr Mehmet Tahir Sandikkaya, PhD student in Computer Engineering at Istanbul Technical University, gave a presentation on the limits of securing the smart grid. Measures to reduce the risk to smart grids may include, for example, preventing physical attacks by security the perimeter, countering cyber attacks by securing programmable devices, and preventing insider attacks by cross-checking every human action. However, these measures come at (potentially high) costs, and cannot guarantee perfect security (as no such thing exists). Therefore, the right balance between costs and benefits of securing the smart grid must be established.

The panellists’ introductory statements were followed by an open discussion involving the audience. Questions included, for example, the right level of transparency towards smart grid customers regarding usage of metering data, or the need for a legal and regulatory framework such as the Protection Profiles developed by the German Federal Office for Information Security. To conclude the panel session, the panel chair asked the panellists for the most important next steps to be taken to secure the smart grid, from their point of view. According to Tahir Sandikkaya , the focus of the measures taken should be on customer privacy, as a breach of customer data could have a permanent impact on customer trust and utilities’ reputation. Dominik Engel added that risk assessment is a key factor able to support stakeholders in identifying high-risk areas and making the right decisions on how to spend the limited resources, thus effectively securing our future power grid.

(c) Text by Lucie Langer from AIT. Thanks!

The SGAM-Toolbox is featured in this Heise news: http://heise.de/-2195432.